Consumers and patients are becoming increasingly and justifiably worried about the confidentiality of their personal information. Cases of prominent disclosures recently highlighted by the media have heightened the fear of abuse and discrimination from inappropriate disclosure of protected he....

The privacy regulations promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996 (the privacy regulations) will clearly have a tremendous impact on most healthcare entities. However, the effect of the privacy regulations on mental health providers with respect t....

You've attended seminars, read articles, outlined systems, and developed forms for implementing the privacy rule, but there is still one step left--actually writing the policies and procedures. For many practitioners, policies and procedures are important but are often put off, then forgotten.....

Some saw the final rule on HIPAA privacy, published in August 2002, as a crowning achievement after years of efforts to secure patient privacy. Others took a more negative view, claiming that big business had finally ensured unhampered access to patient data. HIM professionals, however, should....

Depending on how you count them, there are anywhere from 20 to 60 new policies, procedures, forms, and other related documents required by HIPAA. Its training requirements specify that all members of the work force must be trained on policies and procedures with respect to protected health inf....

By now you know that amendments to the final privacy rule were published in the August 14, 2002, Federal Register. The amendments are intended to correct problems identified in the original privacy rule published on December 28, 2000.

Because HIPAA gives patients the right to copy their medical records, does my facility have to supply a copy machine for this purpose or allow patients to take their records to a copy center? According to section 164.520 of the HIPAA final privacy rule, an individual has "the right to inspect....

It's April 10, 2003, and a privacy officer is reviewing her policies for the imminent privacy regulations, title II of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The compliance deadline is April 13, 2003, and she is already feeling stressed about meeting the date.....

Every healthcare provider has experienced managing patient complaints, whether they are about cold food, unresponsive staff, or missed medication. However, when it comes to privacy and confidentiality, complaints need to be handled a bit differently. In this article, we'll explore how to handl....

Many HIM professionals will be called upon to perform an extraordinary feat during the next six months. They will be asked to bring one or more organizations into compliance with the HIPAA privacy rule by April 14, 2003. While this task is challenging in organizations that began such efforts a....

The HIPAA transactions, security, and privacy regulations identify five agreements and relationships that can be established between healthcare entities to achieve economies of scale and lessen HIPAA's administrative burden. They are: affiliated covered entity (ACE)

Since the publication of the final modifications to the HIPAA privacy rule in the Federal Register on August 14, 2002, many healthcare providers have been working diligently to understand the proposed revisions and their impact on HIPAA compliance efforts already underway.While some of the mo....

Part two in a two-part series This is the second of two articles on the subject of HIPAA preemption of state privacy law. This article will discuss some practical effects of the preemption rules and where covered entities might turn for assistance in addressing the question of preemptio....

Part one in a two-part series This is the first of two articles on the subject of HIPAA preemption of state privacy law. This article will explain the provisions of the HIPAA regulations regarding preemption. In the September issue we will discuss some practical effects of the preemptio....

Q: I have requested the immunization records from a patients former healthcare provider with the patients written permission. The former healthcare provider refuses to send the immunization records because the patient has a balance on the account. Is this legal?

The many exceptions to the HIPAA privacy rules accounting of disclosures standard make it difficult to determine what must be tracked. Although the rule gives patients the right to receive an accounting of disclosures of their health information, it lists several exceptions. This article....

Q: I work in a clinic setting. An attorney has requested copies of a patients entire record. The record includes reports dictated by one of the clinic physicians at a local hospital during the patients hospitalization. The attorney has the patients permission. Are we allowed....

Q: I work in a clinic setting. An attorney has requested copies of a patient's entire record. The record includes reports dictated by one of the clinic physicians at a local hospital during the patient's hospitalization. The attorney has the patient's permission. Are we allowed under HIPAA to....

The Department of Health and Human Services (HHS) recently proposed amendments to the HIPAA privacy rule aimed at correcting problems related to its implementation. HHS gave the public until April 26 to provide comments. Based....

Q: Our facility is developing our notice of privacy practices under HIPAA. We need to decide how we will communicate with individuals when we make changes to our notice. What are the acceptable methods for communicating with our patient population? Do we have to send a paper copy to everyone whose....

The HIPAA privacy rule provides individuals the right to request access to and amendment of their protected health information maintained in a designated record set (DRS). To ensure that the DRS is completely identified but excludes information that does not pertain, covered entities should ad....

Who, me? Work as both a privacy officer and a security officer? It may seem impossible, but it can be done. While the roles of privacy officer and security officer are often presented as two distinct jobs in relation to HIPAA, if a lack of resources or personnel demand it, a daring HIM pro....

E-healthfrom basic health information Web sites to online consultationsis flourishing. And though the government is trying to protect consumers under the HIPAA privacy rule, many Web sites arent covered. In this article, privacy experts explain which Web sites are covered an....

In late March, the Department of Health and Human Services (HHS) released proposed changes related to the HIPAA privacy standards. By the time you read this column, the 30-day comment period for these regulations will have already passed, although debate on these changes will still be in full....

HIPAA promises patients the right to access and amend their medical records, but HIM departments are responsible for making it happen. How will your facility provide this service for patients? The author offers ideas from experts on designing an access and amendment process. Among the ch....

Q: In light of HIPAA restrictions on protected health information, Im concerned about our HIM departments practice of accepting HIM students for professional practice experience. What should be considered in deciding whether to continue this practice?

After almost a year's delay, the Department of Health and Human Services (HHS) published its promised recommendations to change and clarify the HIPAA Privacy Regulations that were originally published, as a "final rule" by HHS on December 28, 2000, in the Federal Re....

Q: I have been asked to identify all of my organizations business associates so we can update their contracts prior to the April 2003 HIPAA privacy rule compliance date. Unfortunately, existing contracts are not maintained in one place. How should I tackle this project?

Of all the components of HIPAA, physical security may be the most challenging and costly to address. After all, how do you move walls or create doors in open space? This article will show how physical security can be flexible, scalable, and reasonable for healthcare facilities.

In recent months, anthrax outbreaks and concern over bioterrorism threats have created a greater need for the US to have a system to monitor and report public health information in a timely manner. The Centers for Disease Control and Prevention (CDC) are developing standards for a new approach....